Flow-Logic

Computing Education Resources for Teachers

Privacy Policy for Flow-Logic

Last updated: March 2026

Overview

Flow-Logic is a web-based educational tool that lets users create and simulate flowcharts. This Privacy Policy explains what information we process when you use the website, purchase a licence, access the IP-locked area, or contact support.

Information We Collect

Depending on how you use Flow-Logic, we may process:

  • Purchase details: full name, work email, school/organisation, school public IP address, chosen password, and detected payer IP.
  • Payment records from Stripe: checkout session ID, payment ID, invoice/receipt links, totals, and tax amounts.
  • Access-control records: authorised IP addresses, labels, password status, and account timestamps.
  • Usage analytics for licensed pages: protected-page hit counts per paid IP and cookie-based unique-visitor counts.
  • Support data: contact form messages, IP correction requests, replies, and message history.
  • Technical/security data: request metadata such as IP address, date/time, and user-agent logs.

Stripe Payments and VAT Invoices

Payments are processed by Stripe. We do not store full card numbers, CVC values, or full bank-card credentials on Flow-Logic servers. Stripe may collect billing information needed to process payment and tax.

Stripe sends the buyer’s payment receipt/invoice to the checkout email address. Where Stripe Tax applies, VAT values are shown on Stripe billing documents. We also receive payment confirmation and reference data so we can process licence setup.

How We Use Information

  • To create Stripe checkout sessions and process one-time licence purchases.
  • To send purchase notifications and confirmations to both admin and the purchaser.
  • To manually activate purchased access (currently processed by 19:00 UK time each day).
  • To enforce site access controls using authorised public IPs and access passwords.
  • To monitor usage levels on licensed pages (for example, total accesses per authorised IP).
  • To process IP change/correction requests and support enquiries.
  • To protect the service against misuse and maintain audit/security records.

Cookies Used by Flow-Logic

Flow-Logic uses essential first-party cookies to keep admin/access sessions secure. We also use a first-party usage cookie (flowlogic_usage_id) on licensed model pages to help avoid double-counting repeat visits from the same browser when reporting usage per IP in the admin panel.

  • Cookie purpose: usage measurement and duplicate-visit reduction for licensed access analytics.
  • Cookie type: first-party, random identifier (no direct personal profile data stored in the cookie value).
  • Retention: up to 12 months, unless cleared earlier by the browser/user.

If cookies are blocked or cleared, usage counts may treat the same browser as a new visitor.

Google Drive & Google Picker

Flow-Logic optionally integrates with Google services so you can save and load Flow-Logic project files (typically .flow) from your Google Drive.

When you use Drive Save or Drive Load, Flow-Logic uses:

  • Google Drive API to upload and download Flow-Logic project files.
  • Google Picker API to let you select a file from your Google Drive to open.

Flow-Logic requests the following Google Drive permission:
https://www.googleapis.com/auth/drive.file

This permission allows Flow-Logic to:

  • Create Flow-Logic project files in your Google Drive
  • Open (download) Flow-Logic project files you select using the Google Picker
  • Update files created or opened with Flow-Logic

Flow-Logic cannot view, access, or modify other Google Drive files unless you explicitly select them with the Google Picker or they were created by Flow-Logic.

Data Storage and Retention

Purchase, access-control, and support records are stored in our service database and internal admin systems. We keep data for as long as needed to provide access, support, operational security, and accounting/legal compliance.

Access passwords created in the admin system are stored as secure password hashes. Because checkout details may be sent by email for manual setup, do not reuse sensitive passwords from other systems.

Third-Party Services

Flow-Logic uses third-party providers to operate the service, including:

  • Stripe for payment processing, tax calculation, and billing documents.
  • Google (Drive API and Picker API) for optional save/load features.
  • Email and hosting providers for transactional messages and website operation.

Stripe privacy policy: https://stripe.com/privacy
Google privacy policy: https://policies.google.com/privacy

Children's Privacy

Flow-Logic is intended for educational institutions and staff use. Purchase and support forms are intended for adults. We do not knowingly collect personal data directly from children through checkout or support channels.

Changes to This Policy

This Privacy Policy may be updated occasionally to reflect changes to the application. The “Last updated” date will be revised when changes are made.

Contact

If you have questions about this Privacy Policy, please use the online contact form.

Open contact form